Open
Cached
·
just now
67/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=California, L=Santa Barbara, O=Apache HTTP Server, OU=For Testing Purposes Only, CN=localhost, UNKNOWN=root@localhost
Issuer
C=US, ST=California, L=Santa Barbara, O=Apache HTTP Server, OU=For Testing Purposes Only, CN=localhost CA, UNKNOWN=root@localhost
Valid From
October 13, 2018
Valid Until
October 12, 2020
Expired
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
99:00:9C:E3:97:22:C6:A0:9A:FB:D7:DD:30:F4:D8:0F:A7:E2:8F:68:B5:22:AE:47:21:90:F5:FC:8A:D6:0C:89
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Not Authorized
(Potential misconfiguration)
Authorized CAs
Incident Reporting
mailto:[email protected]
CAA Issues
- • CRITICAL: Current certificate issuer 'C=US, ST=California, L=Santa Barbara, O=Apache HTTP Server, OU=For Testing Purposes Only, CN=localhost CA, UNKNOWN=root@localhost' is NOT authorized by CAA records. Authorized CAs: letsencrypt.org
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'issuewild' records to control wildcard certificate issuance